[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rdr with no port?

To: <d.doroshenko@omnitel.net>
Subject: Re: rdr with no port?
From: "Eric Bullen" <eric@thedeepsky.com>
Date: Fri, 11 Jan 2002 08:30:31 -0800 (PST)
Cc: <tech@openbsd.org>
References: <20020111100602.B27547@hermit.omnitel.lan>

> hello. yesterday i installed 3.0 with PF starring, and while playing
> with nat.conf i became curious. proto part to rdr rule isn't required,
> however port part is. could it be difficult to make it optional as
> well, so that the following rule could work
>
> rdr on fxp0 from any to xxx.xxx.xxx.xxx -> yyy.yyy.yyy.yyy

Take a look at binat (man 5 nat.conf). This will do just that, then you can
control what ports you want through within pf.conf (including icmp, or
whatever). The only problem is that machine y will go out to the net natted
as x for outbound traffic.

-E

References:
- rdr with no port?
  - From: "Denis A. Doroshenko" <d.doroshenko@omnitel.net>

Prev by Date: ifconfig: socket: Protocol not supported
Next by Date: Re: ifconfig: socket: Protocol not supported
Prev by thread: Re: rdr with no port?
Next by thread: sparc-current && /dev/fb
Index(es):
- Date
- Thread